[Feature]: Can this be part of the roadmap for practical use case as top priority. tls / ktls support first.
ouvaa opened this issue · comments
Description of new feature
- gnet-ktls
- gnet-ktls-h2
- gnet-ktls-h2-iouring
once all the above is done, it's "perfect"
Scenarios for new feature
for use in real world scenario behind cloudflare as cloudflare only supports grpc with http2
https://developers.cloudflare.com/network/grpc-connections/
Enable gRPC
Requirements
Your gRPC endpoint must listen on port 443.
Your gRPC endpoint must support TLS and HTTP/2.
HTTP/2 must be advertised over ALPN.
possible to make this happen? thx.
please pull the ktls as currently having issues with the dependencies. also, you can pull into dev branch.
Breaking changes or not?
Yes
Code snippets (optional)
No response
Alternatives for new feature
None.
Additional context (optional)
None.
@panjf2000 will be one of your sponsor if this is part of the roadmap.
do make this gnet-ktls or gnet-ktls-h2 happen for now.
@panjf2000 sorry i just realised i asked before.
but do put this as top priority. thx
Implementing TLS for gnet
is not a trivial job and I'm not sure that I have much time in the near future. Therefore I can't guarantee an ETA on this. If you're in a hurry, you may want to seek out other off-the-shelf solutions.
@panjf2000 yes i understand but can you also try out gnet ktls?
it's almost done and the issue i've mentioned here:
0-haha/gnet_tls_examples#2
do u think u can just have a quick patch on it? it's working except some connection stack overflow issue
@panjf2000 possible to do something along this line so we can at least have a wrapper around the listener part?
i've checked gnet code and cant seem to find something similar
@panjf2000 this repo support tls too but it's using an older version of gnet.
pls look into it
https://github.com/luyu6056/tls
https://github.com/luyu6056/bbs
https://github.com/luyu6056/gnet
@panjf2000 i finished testing https://github.com/luyu6056/socks5
the http2 is amazing and it works. please incorporate into gnet examples etc
the tls works without http too.
please look into it. it may have some edge case
I'll see what I can do, but still, no specific guarantees for that.
@panjf2000 u can really look at the https://github.com/luyu6056/tls etc repos mentioned or just use a wrapper around the listener part like fasthttp. the luyu6056 i've tested is working well but it's not multicore enabled or difficult to set.
i'll sponsor and help you get more sponsors once this is done. really need tls rather urgently. hope to see it done within 3 weeks. it's been too long and with luyu6056 done, and wrapper example shown, this shld be gnet's top priority. it's 2024 and without tls it's just not practical for business use.
thx in advance